
Key Features

- Automate large-scale network attacks, extract metadata, and improve your skills in acquiring, analyzing and documenting evidence
- Achieve enhanced results from Python forensics and implement pro-level solutions and techniques
- Discover real-life scenarios in the form of actionable recipes to explore the techniques of digital forensics and investigations

Book Description

Python is commonly used as a tool for forensic analysis as it provides an outstanding interface for forensic analysts to write scripts to examine evidence. This book will have recipes in Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artefacts. You will be able to analyze Python scripts and build your own scripts to solve some common as well as challenging forensic-related problems. You will also learn to integrate Python with popular forensic platforms.

Python Digital Forensics Cookbook starts by giving you a better understanding of digital forensics and how to work with system/file info. Then, you will explore mobile forensics and discover tips and techniques to recover your messages. The book will then help you understand the importance of extracting embedded metadata and explore networking aspects of digital forensics. The recipes will help you understand reporting and automation of the forensics process. You will also learn about working with forensic evidence and understand forensic artefact analysis.

By the end of this book, you will be well versed in various malware obfuscation techniques to debug errors in your Python scripts.

What you will learn

- Understand digital forensics and how Python can help in digital forensics and investigations
- Explore the techniques of malware static and dynamic analysis
- Recognize why investigating domains and IP addresses is important
- Decipher how to carve files, collect evidence, document the scene, and recover deleted data
- Iterate through your files and demonstrate how they can be opened and exposed for further parsing
- Delve into the fundamentals of mobile forensics and determine if your data is recoverable

About the Author

Preston Miller is a consultant at an internationally recognized firm that specializes in cyber investigations. Preston holds an undergraduate degree from Vassar College and a master's degree in digital forensics from Marshall University, where he was the recipient of the J. Edgar Hoover Scientific Scholarship for academic excellence. While studying in graduate school, Preston conducted classes on Python and Open Source Forensics. Preston has previously published his research on Bitcoin through Syngress. Preston is experienced in conducting traditional Digital Forensic investigations, but specializes in Physical Forensics. Physical Forensics is a subset of Digital Forensics, which involves black box scenarios where data must be acquired from a device by non-traditional means. In his free time, Preston contributes to multiple Python-based open source projects.

Chapin Bryce is a professional in the digital forensics community. After studying computers and digital forensics at Champlain College, Chapin joined a firm leading the field of digital forensics and investigations. In his downtime, Chapin enjoys working on Python scripts, writing, and skiing (weather permitting). As a member of multiple ongoing research and development projects, Chapin has authored several articles in professional and academic publications.

Author: Preston Miller